Cybersecurity Policy and Regulations Manager

Our technology organization is transforming how we work at Smurfit Westrock. We align with our businesses to deliver innovative solutions that: Address specific business challenges, integrate processes, and create great experiences Connect our work to shared goals that propel Smurfit Westrock forward in the Digital Age Imagine how technology can advance the way we work by using disruptive technology We are looking for forward thinking technologists that can accelerate our focus areas such as building stronger foundational technology capabilities, reducing complexity, employing digital transformation concepts, and leveraging disruptive technology.The opportunity: The Cybersecurity Policy and Regulations Manager is responsible for developing, implementing, and maintaining the organizations cybersecurity policies, standards, procedures and regulatory compliance posture. This role ensures compliance with appliable laws, regulations and industry standards (NIST, ISO 27001, PCI DSS) while providing advisory support to business and IT teams. Partners closely with Legal, Privacy, IT and Security team and provide expert advisory support on Cybersecurity compliance and risk management across the enterprise. The manager also drives compliance awareness, monitors regulatory changes and supports internal and external audits as required. How you will impact Smurfit Westrock: Lead the design, delivery, and continuous improvement of cybersecurity policies, standards, procedures, and internal controls to ensure alignment with regulatory requirements (e.g. NIS2, GDPR) and industry frameworks such as NIST and industry best practices. Monitor, interpret, and assess the impact of emerging cybersecurity laws, regulations, and industry standards on organizational operations and compliance posture. Maintain and govern a comprehensive inventory of regulatory, commercial, and organizational cybersecurity requirements. Provide advisory support to internal stakeholders on cybersecurity compliance, risk mitigation, and regulatory obligations. Lead internal audit readiness efforts and manage external audit engagements, including regulator and certification audits. Deliver organization-wide compliance and regulatory awareness and training programs, promoting adherence to policies, procedures, and security best practices. Partner with Legal, Privacy, IT, and Security teams to address compliance gaps, support remediation, and maintain ongoing certifications. Investigate compliance issues, violations, or potential breaches, recommending corrective actions and coordinating remediation. Support and influence strategic cybersecurity initiatives, ensuring compliance considerations are integrated into enterprise-wide projects. Track, analyze, and report compliance metrics, findings, and risks to senior management, regulators, and other key stakeholders. What you need to succeed: Bachelor/u2019s degree in an IT- or related field, or a similar level of training. 7-10 years experience in at least one of the following areas; compliance, security, audit. Fluent in the English Possess excellent interpersonal skills, including interfacing effectively with a broad range of key stake holders including management with IT, Accounting/Finance, Internal Audit, External Audit, Financial Compliance, and other corporate functions. Excellent written and verbal communication, research, analytical, and writing skills. Ability to work independently and as part of a team; and the ability to take initiative with minimal direction to solve problems. Must be detail-oriented and have strong organizational skills. Possess strong time management to meet deadlines. Ability to demonstrate critical thinking skills. Knowledge of, and strong experience with, current IT frameworks (e.g., NIST, SOX, ITIL). Strong experience with IT General Controls for SOX and processes will be a plus. Knowledge of, and strong experience monitoring and implementing regulatory compliance requirements. A deep knowledge of IT compliance related processes is desired. Proficient with MS Office, especially MS Excel, and GRC Tools. Relevant certifications preferred (e.g., CPA, CISA, CIA, etc.). What we offer: Corporate culture based on loyalty, integrity, & respect. Comprehensive training with numerous learning and development opportunities An attractive salary reflecting skills, competencies, and potential. A career with a global packaging company where Sustainability, Safety and Inclusion are business drivers and foundational elements of the daily work. Smurfit Westrock is an Equal Opportunity Employer. We strive to create and maintain a diverse workforce where everyone feels valued, respected, and included. Smurfit Westrock does not discriminate based on race, color, religion, national origin, sex, age, disability, veteran status, sexual orientation, gender identity, or any other basis protected by federal, state, or local law. Smurfit Westrock (NYSE:SW) is a global leader in sustainable paper and packaging solutions. We are materials scientists, packaging designers, mechanical engineers and manufacturing experts with a shared purpose: Innovate Boldly. Package Sustainably. Guided by our values of safety, loyalty, integrity, and respect, we use leading science and technology to move fiber-based packaging forward.Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by state or federal law.

Created: 2026-03-10